720b4ea73cbbf0d6cda0398747438500d108af0916e211065756337e13d45196[.]zip

General

Target

720b4ea73cbbf0d6cda0398747438500d108af0916e211065756337e13d45196.zip
Size

673KB
MD5

27830ad3d2fc49da1b1a7f34e6c765e3
SHA1

1cab656f2a0628f146b28d24188dd494165457ce
SHA256

57c98c0ee6d320d692b8c40432bcd5ffce9e72fcf5b1f13662a14d897f48a002
SHA512

8d467105966a0bfbc5cab580283b4d5398102956c468fb0abe8f9ad23a7f46d44e2d80618c9f8befbf5828d90d3705e59bdb779d408b898f61e2cfec892bb669
SSDEEP

12288:IeKpOHuL0BkcfBPgemotFHAwS/825f23jdJJ7/V14HiY1w:GpeBfBzXA182g3jJ7U6

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/New Order PO 208472747_IT.exe

720b4ea73cbbf0d6cda0398747438500d108af0916e211065756337e13d45196.zip
.zip

Password: infected
720b4ea73cbbf0d6cda0398747438500d108af0916e211065756337e13d45196.zip
.zip

Password: infected
New Order PO 208472747_IT.exe
.exe windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ